Tokenization technology aims to mask sensitive data like credit card and Social Security numbers. Existing systems that process data matching a particular format sometimes need to be prohibited from accessing the actual data. The data itself is replaced with a “token” that appears to be correctly formatted data, such as having a correct check digit. Based on the token value, a properly authorized system can look up the actual data.
An access control list (ACL), accessible to the Tokenization Server, can be used to determine systems that possess the proper authorization to receive the actual data. After checking credentials with the ACL, the Tokenization Server returns the genuine data to the properly authenticated and authorized system.